october/october Security Advisories for v2.0.0 (4)
-
[LOW] October CMS Allows Unprotected SVG Rename in Media Manager
PKSA-1r2f-d74z-j32s CVE-2024-51991 GHSA-96hh-8hx5-cpw7
Affected version: <3.7.5
Reported by:
GitHub -
[LOW] October allows an admin account to upload PDF containing malicious JavaScript
PKSA-b37x-tgms-g4z2 CVE-2024-45962 GHSA-hxpp-g76m-qhvg
Affected version: <=3.6.4
Reported by:
GitHub -
[HIGH] October CMS Cross-site Scripting vulnerability
PKSA-f5gt-nmcq-d353 CVE-2023-25365 GHSA-gcgj-qh8p-57hm
Affected version: <=3.2.0
Reported by:
GitHub -
[MEDIUM] Stored Cross-Site Scripting October CMS
PKSA-mn5j-jgxn-wwt6 CVE-2023-37692 GHSA-r47v-rxcg-p28j
Affected version: <=3.4.4
Reported by:
GitHub